Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday February 07 2018, @03:07PM   Printer-friendly
from the control-your-scripts dept.

Submitted via IRC for TheMightyBuzzard

As if there aren't enough ways to attack a WordPress site, an Israeli researcher has published details of how almost anyone can launch a denial of service (DoS) attack against almost any WordPress with just one computer. That, he suggests, is almost 30% of all websites on the internet.

The attack uses the vulnerability associated with CVE-2018-6389. The CVE database, at the time of writing, has no details, marking it only as 'reserved' for future use. Details, however, can be found in a Barak Tawily blog post published Monday. It is an abuse of the WordPress load-scripts.php function, which exists to allow administrators/web designers to improve website performance by combining multiple JavaScript files into a single request at the server end.

[...] Tawily goes on to show that mitigation isn't really that difficult if you know what to do (which many WordPress users do not). He "forked WordPress project and patched it so no one but authenticated users can access the load-*.php files, without actually harming the wp-login.php file functionality." He goes further to provide a bash script that modifies the relevant files to mitigate the vulnerability.

Source: http://www.securityweek.com/one-computer-can-knock-almost-any-wordpress-site-offline


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Interesting) by MichaelDavidCrawford on Thursday February 08 2018, @01:33AM

    by MichaelDavidCrawford (2339) Subscriber Badge <mdcrawford@gmail.com> on Thursday February 08 2018, @01:33AM (#634605) Homepage Journal

    I told this story once before:

    scoop.kuro5hin.org got overrun by link spammers. Just out of curiosity I clicked one of the links.

    It took me to an ecommerce site that sold WordPress themes. Every last one of those themes was heart-achingly beautiful. It was quite clear that whoever rendered them did so with great love and care, and that they had an art school degree.

    Why does a site like this need to spam? I googled it.

    There was only one hit, just for the homepage and nothing else. I felt really bad for whoever hoped to better themselves by building that exquisite site. Surely there was a reason for this?

    At some point I clued in to looking at the homepage's HTML source. And there in the head element was a "rel='nofollow'" attribute that blocked the whole rest of the site from search bots.

    Doubtlessly WordPress's creators put that nofollow tag there to keep a lid on spammers. But also doubtlessly that nofollow tag crushes the dreams of those who do not know how to read source.

    --
    Yes I Have No Bananas. [gofundme.com]
    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3